[Owasp-leaders] A great story

Jim Manico jim.manico at owasp.org
Fri Feb 1 22:33:54 UTC 2013


I do not think of XSS as an attack, XSS is a weakness or vulnerability.

An attack would be something like "Site Defacement using XSS".

Aloha,
Jim

> Roughly. XSS is used as
>  xss = weakness, vulnerability, attack (and some more)
> 
> 
> Am 01.02.2013 22:23, schrieb Eoin:
>> Nope. Risk is impact x probability
>> Vulns = xss SQLI etc
>>
>> Eoin Keary
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>> On 1 Feb 2013, at 20:43, Tom Brennan <tomb at owasp.org> wrote:
>>
>>> Considering its risks not vulns., hope he updates his cards for 2013
>>>
>>>
>>> On Feb 1, 2013, at 3:39 PM, "Dennis Groves" <dennis.groves at owasp.org> wrote:
>>>
>>>> Hello OWASP,
>>>>
>>>> I couldn't resist posting this to the list! I think that is just pure awesome!
>>>>
>>>> I ran across this sole proprietor of this security firm this week at a local security event. He expressed a great deal of gratitude and thanked us for all the amazing work the community has produced.
>>>>
>>>> He said he had the OWASP top 10 on the back of his business cards since the OWASP top 10 was published, but he didn't have any with him, so I gave him mine and promised to send me his card when he got home.
>>>>
>>>> And since they are digital, I just had to share this with the list. He said OWASP helped his micro-business enormously because his clients were not able to ignore his advice anymore because 'the worlds security experts' were advocating the same practices.
>>>>
>>>> Anyhow, I love stories about how OWASP made a difference for people & I hope you do too.
>>>>
>>>> Dennis
>>>>
>>>> Dennis Groves, MSc
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 



More information about the OWASP-Leaders mailing list